40961 SPNEGO & 1030 errors

L

LHargrove

We have a Windows 2000 domain with two domain controllers. Various roles
are shared amongst the DCs. The DCs are also DNS and DHCP servers. They have
no other roles. There are no errors or warnings in either of the DCs event
logs. DCs are fully patched.

I have about 12 XP computers out of 25 that will get the below listed
error messages in their event logs.

First Error:

Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 5/19/2008
Time: 5:15:45 AM
User: N/A
Computer: W-CEO-1
Description:
The Security System could not establish a secured connection with the server
ldap/smith6.jsmith.com/[email protected]. No authentication protocol was
available.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


(Smith6 is a DC).

Second Error on same machine:

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Date: 5/19/2008
Time: 3:37:45 AM
User: SMITH\anne
Computer: W-CEO-1
Description:
Windows cannot query for the list of Group Policy objects. A message that
describes the reason for this was previously logged by the policy engine.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


I have run netdiag on these machines with no errors. I have also run (on
the DCs) DCDiag and have no warnings or errors.

It seems to me that the first error message I listed is the main problem.
I cannot understand how the XP workstation thinks the path to Smith6 could be
the one listed in the error message.

These errors will start between 8 and 24 hours after the XP computer is
rebooted. As a test, I took one of these "problem" machines into the server
room and connected it directly to one of the switches. The machine ran for
over two weeks without a single error in the event log (of couse the computer
was just sitting and not being used by anyone, but I am not sure that would
matter).

I have serached support.microsoft.com as well as the various newsgroups
here, but cannot seem to find anything that really matches this problem.

Any help that you could render would be greatly appreciated.
 
M

Meinolf Weber

Hello LHargrove,

Please post an unedited ipconfig /all from one client and your DC/DNS servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
 
L

LHargrove

Thanks for the quick reply.

Here is the info from smith6, one of the DCs:

C:\Documents and Settings\Administrator.SMITH>ipconfig /all

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : smith6
Primary DNS Suffix . . . . . . . : jsmith.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : jsmith.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme 5721 Gigabit
Cont
roller
Physical Address. . . . . . . . . : 00-12-3F-24-79-D6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.15
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.250
DNS Servers . . . . . . . . . . . : 192.168.1.16
192.168.1.15
Primary WINS Server . . . . . : 192.168.1.15



Here is the ipconfig info from one of the problem computers:

C:\Documents and Settings\Anne.SMITH>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : W-CEO-1
Primary Dns Suffix . . . . . . . : jsmith.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : jsmith.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit
Network Connection
Physical Address. . . . . . . . . : 00-1E-C9-5E-28-1F
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.202
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.250
DNS Servers . . . . . . . . . . . : 192.168.1.15
192.168.1.16
Primary WINS Server . . . . . . . : 192.168.1.16
Secondary WINS Server . . . . . . : 192.168.1.15

C:\Documents and Settings\Anne.SMITH>


The addresses of 192.168.1.15 and 192.168.1.16 are the DCs. I also realize
that the two DCs are pointing at each other for DNS. I have read a lot of
pros and cons about doing this, and it doesn't seem to affect this problem no
matter how I set it.

Thanks again for your help.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows 2003 Event ID: 40961 3
Security System detected an attempted downgrade attack... 1
Multiple event IDs 675, 676 and 681 7
Event ID 40960 + 40961 / SPNEGO 5
LSASRV & SPNEGO (Negotiator) 0
Event ID 1030, 40961 and 673 on DC 3
SPNEGO 40961 & USERENV 1030 errors 1
dcom errors 1

Top